Do any #Mastodon administrators know how long a server needs to retain IP addresses for moderators to be able to counter #spam?
Apparently, my #privacy-motivated proposal to shorten retention from 1 year to 2 days would hamper spam moderation
GDPR says retention should be “no longer than is necessary”
To reduce legal risk for Mastodon administrators I think we should determine what is the minimum IP retention period necessary to counter most spam
1 month? 2 months?
https://github.com/mastodon/mastodon/pull/22393#issuecomment-1986971489
@eob I don't think vanilla Mastodon has much in the way of anti-spam tooling. The option of a text Question + Answer Captcha set by the admin would probably be an improvement over what it has.
I'm not sure about fediverse spam, however generally, spam often came from compromised machines in the past (or other situations where simply blocking IPs could lead to legitimate users also being hit).
@olives I'm not an administrator, but based on the replies in the PR and here, it does seem like blocking IPs is something that administrators depend on for spam protection
It may be, as you suggest, we need better spam protection by other means, such a captchas
But sometimes more nuanced anti-spam also wants IP addresses
For example only suspicious IPs might get a captcha, or data from suspicious iPs could be dropped from analytics to avoid polluting the analytics